REMARKS 

Claims 1-29 are now pending in the application. By this Amendment, claims 1, 
15 and 26 have been amended. Support for the amendments can be found throughout 
the specification, claims and drawings as filed, and, as such, no new matter has been 
added. The Examiner is respectfully requested to reconsider and withdraw the 
rejections in view of the amendments and remarks contained herein. 

Drawings 

Applicants gratefully acknowledge the acceptance of the drawings as filed 
December 22, 2004. 

Claim Objections 

The Examiner objected to grammatical errors in independent claims 1,15 and 26 
in relation to the term "in real time." In accordance with the Examiner's request, "in real 
time" has been enclosed in commas in claims 1, 15 and 26. Applicants respectfully 
request reconsideration and withdrawal of the objection. 

Rejection Under 35 U.S.C. §103 

With reference to pages 2-6 of the Office Action, claims 1-7, 11, 15-17, 21-26 
and 28 were rejected under 35 U.S.C. § 103(a) as being unpatentable over Vaid et al. 
(US 6,078,953), hereinafter "Vaid," in view of Clark et al. (US 6,442,588), hereinafter 
"Clark." This rejection is respectfully traversed. 

Claim 1 has been amended by the addition of the subject matter "said first 
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communication network coupled to said second communication network" to clarify that 
the first communication network is coupled to the second communication network by a 
gateway and a firewall. The word "simultaneously" has been deleted from claim 1. 
Basis for these amendments can be found in the specification as filed including the 
Figures. 

Independent claims 1, 15 and 26 have been amended to specify that the 
authenticated IP address includes authentication of a user. Basis for this amendment 
can be found, for example, in the paragraph spanning pages 9 and 10, which clarifies 
that, for specific embodiments of the invention, authentication takes place for both the 
user and the terminal being used by the user before network access is granted. 

Independent claims 1, 15 and 26 have been amended to also specify that the 
dynamic control in real time of bandwidth available to the one or more user terminals is 
at least on the basis of the authenticated user. Basis for this amendment can be found, 
for example, in the paragraph spanning pages 9 and 10. This amendment clarifies that, 
in the present invention, bandwidth allocation not only requires an authenticated 
terminal, but is also based on a specific, authenticated user. 

In view of the above clarifying amendments, it is respectfully submitted that 
neither Vaid nor Clark disclose a method, system or gateway for monitoring and 
controlling data transfer in communication networks in which data transfer is monitored 
and/or controlled, and specifically in which bandwidth available to user terminals is 
dynamically controlled in real time, on the basis of an authenticated IP address and an 
authenticated user. An important distinction between the present invention and the prior 
art is that the dynamic bandwidth allocation is based on the user. The user can be 
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logged onto any terminal, but the bandwidth allocation and monitoring are on a per user 
basis, which is neither disclosed nor suggested by any single prior art document or 
combination thereof. 

The Applicants agree with the Examiner's assessment of Vaid on pages 2 and 3 
of the Office Action. The Applicants further acknowledge that Vaid makes references 
throughout to users and terminals, but Vaid does not disclose or suggest the 
aforementioned limitation present in independent claims 1, 15 and 26 of bandwidth 
management on the basis of the user. 

With reference to col. 9, line 66 to col. 10, line 8, the bandwidth/traffic 
management tool 208 of Vaid performs inbound and outbound monitoring and control of 
flows by application, source address, destination address, URL, time of day, day of 
week, day of month, and other variations. There is no explicit disclosure that such 
monitoring and control is on the basis of a user. The Applicants acknowledge that the 
subsequent paragraph makes reference to, for example, a "Mr Hog" - a user occupying 
too much bandwidth and that, for example, col. 10, lines 58-61 discloses that problems 
or limitations are dealt with that are specific to particular users. There are also other 
references in Vaid to "users" and similar terms, such as "clients" and "children." 
However, in Vaid, such references are not disclosures or suggestions that bandwidth 
allocation and monitoring are on the basis of an authenticated user. This becomes 
apparent upon reading the configuration of the tool in Vaid, which is on the basis of 
traffic classes, traffic policies, traffic rules and traffic entities, as described in col. 13, line 
28 to col. 14, line 36. 

Col. 13, lines 32-43 state that data flows are identified based on traffic classes 
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and provides a range of example of traffic classes, including IP address, subnet, 
network, netgroup, one or more URLs. However, an authenticated user is not listed as 
an example, nor suggested as being a possibility. 

Similarly, col. 13, line 56 to col. 14, line 27 describes the traffic policies of Vaid 
and states that they are used to control the traffic behaviour of the specific classes. 
Bandwidth guarantees and limits are disclosed along with priorities and admission 
control, which establishes conditions under which a new network session or service 
request is admitted or not admitted. However, none of the traffic policies of Vaid are 
based on users. 

Furthermore, neither the traffic rules nor the traffic entities of Vaid make 
reference to users in the true sense. For example, with reference to col. 14, lines 37- 
48, in Vaid an entity generally refers to an IP address, host, subnet, IP net, IP range, 
URL or a group of other network entities. There is no teaching or suggestion of an 
entity being a user. With reference to col. 14, line 49 to col. 15, line 5, in relation to 
developing traffic policies, Vaid states that the type of business performed by the user 
over the Internet may need to be understood and taken into account. However, Vaid 
then states in col. 14, line 56 that "...if the user is an ISP,...". Therefore, reference here 
to a user is not to an individual person using a terminal, but an organization in the form 
of an Internet Service Provider (ISP). The section related to traffic policies also refers to 
clients, servers and URLs, none of which are individuals using a terminal. 

Referring to col. 12, line 35 to col. 13, line 5, the tool of Vaid uses a Flow 
Analysis and Session Tagging (FAST) module to implement traffic monitoring and a 
Flow Analysis and Intelligent Regulation (FAIR) module to implement traffic control. 
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The FAST and FAIR modules are overseen by the policy engine module 231. The 
FAST module provides for classification and measurement of traffic parameters and the 
FAIR module implements traffic control based on flow control and queuing algorithms. 
There is no disclosure or suggestion in Vaid that any of the FAST, FAIR or policy engine 
modules operate on a user basis. 

Hence, there is no disclosure or suggestion in Vaid of monitoring and/or 
controlling data transfer on a per user basis. In contrast, the Applicants acknowledge 
that Clark refers to users and col. 4, lines 29-45 refer to authenticating a user and 
assigning an IP address to that user from a pool of IP addresses. However, the term 
"dynamic" when used in relation to the Dynamic Filtering Firewall (DFF) refers to a table 
of currently authenticated online service provider (OSP) end user IP addresses. User 
IDs and related IP addresses are added and removed from the table when connected 
and disconnected respectively. 

On page 4 of the Office Action, the Examiner argues that it would have been 
obvious to one skilled in the art to apply the authentication process of Clark to the 
invention disclosed in Vaid. However, it is respectfully submitted that it would not have 
been obvious to one skilled in the art to make such a combination. Since Vaid has no 
policies, traffic monitoring or traffic management protocols based on users, the skilled 
addressee would not be motivated to combine the teachings of Clark, which is user 
based. Conversely, in the presence of Clark, which is user based, the skilled addressee 
would not be motivated to utilise the teachings of Vaid, which is not user based. 

On page 4 of the Office Action, the Examiner goes on to state that "requiring 
authentication of each user terminal....". Whilst embodiments of the present invention 
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involve authenticating an IP address, the focus of the present invention, as recited in 
independent claims 1, 15 and 26, is authenticating users and dynamically allocating 
bandwidth available to the user, rather than to the terminal or a group of terminals of a 
particular category or class. 

Hence, it is respectfully submitted that one skilled in the art would not combine 
the teachings of Vaid and Clark. In the event that one skilled in the art attempted to 
combine Vaid and Clark, it would be apparent that the systems of Vaid and Clark were 
at odds with each other and such a combination would not lead the skilled addressee to 
the present invention as claimed in independent claims 1, 15 and 26. Therefore, 
independent claims 1,15 and 26 are considered patentable over Vaid in view of Clark. 
Applicants respectfully request reconsideration and withdrawal of the rejections of 
claims 1,15 and 26. 

In light of the aforementioned submissions in relation to the combination of Vaid 
and Clark, it is respectfully submitted that the present invention as claimed in dependent 
claims 2-7, 11, 16-17, 21-25 and 28 are also patentable over Vaid in view of Clark. 
Applicants respectfully request reconsideration and withdrawal of the rejections of 
claims 2-7, 11,16-17, 21-25 and 28. 

With reference to page 6 of the Office Action, claims 8 and 19 were rejected 
under 35 U.S.C. § 103(a) as being unpatentable over Vaid in view of Clark and in 
further view of Golden (US 6,272,127), hereinafter "Golden." This rejection is 
respectfully traversed. 

In light of the aforementioned submissions in relation to the combination of Vaid 
and Clark, it is respectfully submitted that the present invention as claimed in claims 8 
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and 19 is patentable over Vaid in view of Clark and in further view of Golden. 
Applicants respectfully request reconsideration and withdrawal of the rejections of 
claims 8 and 19. 

Referring to page 6-8 of the Office Action, claims 9, 10, 12-14, 20, 27 and 29 
were rejected under 35 U.S.C. § 103(a) as being unpatentable over Vaid in view of 
Clark and in further view of Bendinelli et al. (US Appln. 2002/0026503), hereinafter 
"Bendinelli." This rejection is respectfully traversed. 

In light of the aforementioned submissions in relation to the combination of Vaid 
and Clark, it is respectfully submitted that the present invention as claimed in claims 9, 
10, 12-14, 20, 27 and 29 is patentable over Vaid in view of Clark and in further view of 
Bendinelli. Applicants respectfully request reconsideration and withdrawal of the 
rejections of claims 9, 10, 12-14, 20, 27 and 29. 

Furthermore, the Applicants note that Bendinelli is directed to a proxy, which only 
controls ports used for services. Ports used for services represent only a small 
proportion of the number of ports available and therefore the methods and systems of 
Bendinelli are limited in that they cannot control access and data transfer via all ports. 
The skilled addressee would not combine the teachings of a proxy disclosed in 
Bendinelli with the teachings of either Vaid or Clark. In the event that they did so, they 
would not and could not arrive at the present invention as claimed. 

Additional References 

On pages 8-9 of the Office Action, the Examiner referred to four (4) additional 
references that the Examiner considered relevant, but did not cite against the present 
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application. For the sake of completeness, the Applicants' comments follow 
demonstrating that the four (4) additional references also fail to anticipate or render 
obvious the present invention as claimed irrespective of whether the citations are 
considered alone or combined with one or more of the other prior art documents. 

US Patent 6,771,661 (Chawla et al., hereinafter "Chawla") discloses a device 
that can be configured via external communications to modify bandwidth, which can be 
performed on a specific session of data communication. Chawla does not disclose or 
suggest user identification or connection to, or the application of, user level 
identification. Therefore, the session information could only be by typical session 
identifiers found within networks, such as IP address or MAC address. (The MAC is only 
relevant to the origin machine level if the packets have not been routed). 

US Patent 5,896,499 (McKelvey, hereinafter "McKelvey") discloses a hardware 
security system that utilizes a user authentication program, a firewall configuration 
program, a firewall control program that is at least a firewall monitoring program. 
McKelvey fails to teach or suggest the linking of any form of bandwidth management to 
users. 

US Patent 6,182,226 (Reid et al., hereinafter "Reid") discloses a system for 
controlling interactions between networks, but fails to dynamically control a users 
bandwidth on a per user basis. The systems and methods of Reid also have a limited 
amount of port visibility, suggesting that Reid actually discloses a proxy, or a system 
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that functions in a very similar manner. The present invention is not a proxy. 

US Patent Appln. 2003/0051057 (Garnett et al., hereinafter "Garnett") is 
concerned with higher density computer systems and providing "edge protection" 
therefore, i.e. protection at the edge of a group of cooperating individual computer 
systems. Garnett makes no disclosure or suggestion of dynamically controlling in real 
time the bandwidth available to one or more user terminals at least on the basis of an 
authenticated user. 
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Conclusion 

It is believed that all of the stated grounds of rejection have been properly 
traversed, accommodated, or rendered moot. Applicants therefore respectfully request 
that the Examiner reconsider and withdraw all presently outstanding rejections. It is 
believed that a full and complete response has been made to the outstanding Office 
Action and the present application is in condition for allowance. Thus, prompt and 
favorable consideration of this amendment is respectfully requested. If the Examiner 
believes that personal communication will expedite prosecution of this application, the 
Examiner is invited to telephone the undersigned at (248) 641-1600. 



Harness, Dickey & Pierce, P.L.C. 
P.O. Box 828 

Bloomfield Hills, Michigan 48303 
(248)641-1600 

[DAM/LNK/ca] 



Respectfully submitted, 





David A. McClaughry 
Reg. No. 37,885 
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